<html>
<head>
<title>Register a new account</title>
</head>
<body>

<?php
    /* check they filled in what they supposed to */

    if ((!$_POST['uname'] || !$_POST['passwd'] || !$_POST['email'] || !$_POST['phone'] || !$_POST['city'] || !$_POST['state']
	|| !$_POST['company'] || !$_POST['streetnumber'] || !$_POST['streetname'] || !$_POST['zip'] || !$_POST['url']) && ($_POST['isDealer'])) {
        die('You did not fill in all required fields. <br> <a href="sign_up.html" title="Back">Retry</a>');
    }
	else if((!$_POST['uname'] || !$_POST['passwd'] || !$_POST['email'] || !$_POST['company'] ) && !($_POST['isDealer']))
	{
		die('You did not fill in all required fields. <br> <a href="sign_up.html" title="Back">Retry</a>');
	}
    
    include 'dbconnect.php';
    
    // check if username exists in database.

    if (!get_magic_quotes_gpc()) { //Gets the current configuration setting of magic quotes gpc
        $_POST['uname'] = addslashes($_POST['uname']);
    }
    
    // query the database 
    $query = "select count(*) from AllUsers where LoginID = '".$_POST['uname']."'";  

    $result = mysqli_query( $mysql, $query);
    if(!$result)
    {
      echo 'Cannot run query: '.$result;
      exit;
    }
    
    $row = mysqli_fetch_row( $result );
    $count = $row[0];   
    
    if ( $count > 0 ) {
        die('Sorry, the username: <strong>'.$_POST['uname'].'</strong>'
          . ' is already taken, please select another one.<br> 
	    <a href="sign_up.html" title="Back">Retry</a>');
    }

    // now we can add them to the database.

    if (!get_magic_quotes_gpc()) {
        $_POST['passwd'] = addslashes($_POST['passwd']);
    }
	
	$isDealer = (bool)$_POST['isDealer'];
	
    $insert = "insert into AllUsers (
            LoginID, 
            UserPassword) 
            values (
            '".$_POST['uname']."', 
            '".$_POST['passwd']."')";

    $result = mysqli_query( $mysql, $insert );
    if(!$result)
    {
      echo 'Cannot run query.';
      exit;
    }
    
    
     $insert = "insert into NonAdmins (
	    AllUsers_LoginID,
            Email, 
            Telephone,
	    City,
	    State) 
            values (
	    '".$_POST['uname']."', 
            '".$_POST['email']."', 
            '".$_POST['phone']."',
	    '".$_POST['city']."',
	    '".$_POST['state']."')";

    $result = mysqli_query( $mysql, $insert );
    if(!$result)
    {
      echo 'Cannot run query.';
      exit;
    }
    
    $streetnumber = (int)$_POST['streetnumber'];
    $zipcode = (int)$_POST['zip'];
    if($isDealer)
	{
		$insert = "insert into Dealer (
			NonAdmins_AllUsers_LoginID,
				CompanyName, 
				StreetNo,
			StreetName,
			ZipCode,
			URL) 
				values (
			'".$_POST['uname']."',
				'".$_POST['company']."', 
				$streetnumber,
			'".$_POST['streetname']."',
			$zipcode,
			'".$_POST['url']."')";

		$result = mysqli_query( $mysql, $insert );
		if(!$result)
		{
		  echo 'Cannot run query.';
		  exit;
		}
	}
	else
	{
		$insert = "insert into RegisteredUser ( NonAdmins_AllUsers_LoginID, Name )
			values ( '".$_POST['uname']."', '".$_POST['company']."' )";
			
		$result = mysqli_query( $mysql, $insert );
		if(!$result)
		{
		  echo 'Cannot run query.';
		  exit;
		}
	}

    /* the rest of the information is optional, the only thing we need to 
    check is if they submitted or not. */

//if (isset($_POST['movie'])) 
//	echo "Your address is: $Address<br>";
//else
//	echo "You did not input address<br>";
//
//if(is_array($_POST['Citizenship'])&&(count ($_POST['Citizenship'])!=0))
//{
//	echo "You have citizenship from: ";
//	for($i=0;$i<count($_POST['Citizenship']);$i++)
//	{
//		echo $_POST['Citizenship'][$i] ;
//		echo " ";
//	}
//	echo "<br>";
//}
//			
//echo "Your gender is: $Gender<br>";
//
//if (isset($_POST['movie'])) 
//	echo "Your like movies<br>";
//else
//	echo "Your don't like movies<br>";	
//
//if (isset($_POST['music'])) 
//	echo "Your like musics<br>";
//else
//	echo "Your don't like musics<br>";	
//
//if (isset($_POST['sports'])) 
//	echo "Your like sports<br>";
//else
//	echo "Your don't like sports<br>";	

    	/* close connection */
	mysqli_close($mysql);
?>

<h1>Registered</h1>

<p>Thank you, your information has been added to the database, 
you may now <a href="login.php" title="Login">log in</a>.</p>

</body>
</html>
